﻿<?php
include("configtop.php");
$tb="user";
$user=$_POST["username"];
$pass=$_POST["pass"];
$pass=stripslashes($pass);
$user=stripslashes($user);
$user=mysql_real_escape_string($user);
$pass=mysql_real_escape_string($pass);
$pass=md5($pass);
$query="select * from $tb where username=\"$user\";";
$res=mysql_query($query);
$flag=0;
while($ar=mysql_fetch_array($res)){
  if($ar["enpass"]==$pass){
    $flag=1;
  }
}
if($flag==1){
echo("Đăng nhập thành công!");
setcookie("login",$user, time()+10*60);
$id=md5($pass.time());
setcookie($user,$id,time()+ 10*60);
$_SESSION[$user]=$id;
echo("<meta content=\"5; url=index.php\" http-equiv=\"refresh\"/>");
}

include("configbot.php");
?>